By Timothy Prickett Morgan
IBM has enhanced the AIX operating system for its RS/6000 Unix servers to provide them with improved interoperability with PCs running Windows or OS/2 and enhanced security. AIX Fast Connect for Windows 2.1 allows AIX to be a part of the Network Neighborhood in Windows 95/98 and Windows NT 4.0 environments as well as in Windows for Workgroups, which means that Windows clients attached to an RS/600 server can access files or printers without any other software so long as they are working over a standard TCP/IP connection.
That also means that IBM, bent on pushing server consolidation, can now argue that customers with lots of NT server farms can consolidate them onto fewer RS/6000 servers without changing any of their client software and making only minor changes to AIX. Fast Connect uses the Microsoft Common Internet File System (CIFS) and server message block (SMB) protocols that are part of 32-bit Windows environments and which are also emulated rather effectively in the open source Samba Windows print and file server program for Linux.
Using Fast Connect, client can access AIX’s journaled file system or, if the server is running it, the AIX implementation of Sun’s Network File System. Clients can also access CD-ROM drives on RS/6000 servers. IBM says that Fast Connect has about twice the performance as its current AIX Connections program because Fast Connect uses the TCP/IP sendfile API with an in-kernel network file cache to improve TCP/IP performance. For the moment, Fast Connect, which costs $1,495 for RS/6000s feeding Windows clients, is only available in English, and it does not support the NetBEUI protocol commonly used in local area networks. It does not support Novell or Apple clients, either, and probably won’t unless lots of customers clamor for it. There is also a version of Fast Connect to support OS/2 clients, which costs $1,795 and which supports OS/2 clients accessing printers and remote files through LAN Server, DOS LAN Server 2.0 or DOS LAN Requester 3.0.
AIX Fast Connect for Windows cannot be installed on the same machine as the OS/2 version of the program, and the prior AIX Connections program must also be removed from machines.On the security front, IBM is announcing support of Groupe Bull’s B1/EST-X version 2.0.2 security program for AIX 4.3.2. The program, which is available on a special bid basis from IBM, provides the B1 level of security required by the US Department of Defense. B1/EST-X not only adds functions to AIX, but changes internal AIX code to attain the increased B1 level of security. That is why it has to be installed on a completely clean system from the start; it cannot be added to an existing RS/6000. B1/EST-X includes mandatory access control, password and encryption level management, multilevel directory access control, and a slew of security auditing features to better track user access to resources and root out unauthorized accesses.
IBM says that AIX 4.3.2 has also been enhanced to support the Internet Key Exchange (IKE) protocol for authentication and encryption that has recently been developed by the Internet Engineering Task Force. IKE is a core component of virtual private networks in that it allows businesses to set up more or less direct links with each other over the IPv4 Internet Protocol and has filtering functions that supplement those of an internet firewall program. For those customers who want to go with a packaged, multiplatform security suite, IBM says it also has worked with Check Point Software Technologies to get Version 4.0 of FireWall-1 and VPN-1, Check Point’s firewall and virtual private network software, onto AIX 4.3.2. The new firewall and VPN programs will also work on AIX 4.2.1, HP-UX 10.1 and 10.2, Solaris 2.5 and 2.6 and Windows NT 4.0. Check Point says that Version 4.0 of its firewall offers about 30% performance improvement over the prior Version 3.0.